package com.px.user.security;


import com.px.common.security.AuthExceptionFilter;
import com.px.common.security.TokenService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity
public class ClientSecurityConfig {

    @Autowired
    private TokenService tokenService;

    @Configuration
    @Order(1)
    class PreSecurityConfig extends WebSecurityConfigurerAdapter {

        @Override
        protected void configure(AuthenticationManagerBuilder auth) {
            auth.authenticationProvider(new TokenAuthenticationProvider(tokenService));
        }

        @Override
        public void configure(WebSecurity web) throws Exception {
            web.ignoring()
                    .antMatchers(HttpMethod.GET, "/sensi/check")
                    .antMatchers(HttpMethod.POST, "/profile/sendSms/*")
                    .antMatchers(HttpMethod.POST, "/profile/join/*")
                    .antMatchers(HttpMethod.POST, "/profile/passwordSms")
                    .antMatchers(HttpMethod.POST, "/money/charge/res")
                    .antMatchers(HttpMethod.PUT, "/profile/password")
                    .antMatchers(HttpMethod.PUT, "/profile/passwordByPass")
                    .antMatchers(HttpMethod.GET, "/profile/avatar")
                    .antMatchers(HttpMethod.GET, "/profile/teacher/*")
                    .antMatchers(HttpMethod.GET, "/course")
                    .antMatchers(HttpMethod.GET, "/cheat")
                    .antMatchers(HttpMethod.GET, "/")
                    .antMatchers(HttpMethod.GET, "/csrf")
                    .antMatchers(HttpMethod.GET, "/room/list")
                    .antMatchers(HttpMethod.GET, "/room/rewardRank/*")
                    .antMatchers(HttpMethod.GET, "/room/*")
                    .antMatchers(HttpMethod.GET, "/room/users/*")
                    .antMatchers(HttpMethod.GET, "/room/video/*")
                    .antMatchers("/swagger-ui.html", "/webjars/**", "/v2/api-docs", "/swagger-resources/**");
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.addFilterBefore(new AuthExceptionFilter(), BasicAuthenticationFilter.class)
                    .addFilterAfter(new TokenAuthenticationFilter(), BasicAuthenticationFilter.class)
                    .authorizeRequests().anyRequest().authenticated()
                    .and()
                    .csrf().disable()
                    .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        }
    }
}
